1 | /* |
2 | * Common LSM logging functions | |
3 | * Heavily borrowed from selinux/avc.h | |
4 | * | |
5 | * Author : Etienne BASSET <etienne.basset@ensta.org> | |
6 | * | |
7 | * All credits to : Stephen Smalley, <sds@epoch.ncsc.mil> | |
8 | * All BUGS to : Etienne BASSET <etienne.basset@ensta.org> | |
9 | */ | |
10 | #ifndef _LSM_COMMON_LOGGING_ | |
11 | #define _LSM_COMMON_LOGGING_ | |
12 | ||
13 | #include <linux/stddef.h> | |
14 | #include <linux/errno.h> | |
15 | #include <linux/kernel.h> | |
16 | #include <linux/kdev_t.h> | |
17 | #include <linux/spinlock.h> | |
18 | #include <linux/init.h> | |
19 | #include <linux/audit.h> | |
20 | #include <linux/in6.h> | |
21 | #include <linux/path.h> | |
22 | #include <linux/key.h> | |
23 | #include <linux/skbuff.h> | |
24 | #include <asm/system.h> | |
25 | ||
26 | ||
/* Auxiliary data to use in generating the audit record. */
/*
 * An LSM fills one of these in (normally via COMMON_AUDIT_DATA_INIT, which
 * zeroes it and sets @type) and hands it to common_lsm_audit().  @type says
 * which member of the @u union describes the object being audited; the
 * unnamed union after @u carries the calling LSM's own decision data, and the
 * two callbacks at the end let that LSM add its own fields to the record.
 */
struct common_audit_data {
	/*
	 * One of the LSM_AUDIT_DATA_* values below.  It must agree with the
	 * member of @u that was filled in (the names pair up: PATH -> u.path,
	 * NET -> u.net, CAP -> u.cap, IPC -> u.ipc_id, TASK -> u.tsk,
	 * KEY -> u.key_struct, KMOD -> u.kmod_name, INODE -> u.inode,
	 * DENTRY -> u.dentry); a mismatch makes the consumer read @u through
	 * the wrong member.  NONE has no @u member of its own.
	 */
	char type;
#define LSM_AUDIT_DATA_PATH 1
#define LSM_AUDIT_DATA_NET 2
#define LSM_AUDIT_DATA_CAP 3
#define LSM_AUDIT_DATA_IPC 4
#define LSM_AUDIT_DATA_TASK 5
#define LSM_AUDIT_DATA_KEY 6
#define LSM_AUDIT_DATA_NONE 7
#define LSM_AUDIT_DATA_KMOD 8
#define LSM_AUDIT_DATA_INODE 9
#define LSM_AUDIT_DATA_DENTRY 10
	/*
	 * NOTE(review): a second tsk also lives inside @u (for
	 * LSM_AUDIT_DATA_TASK); which one the common code reports is not
	 * visible from this header — check common_lsm_audit() before relying
	 * on either.
	 */
	struct task_struct *tsk;
	/* Object being audited; the valid member is selected by @type. */
	union {
		struct path path;
		struct dentry *dentry;
		struct inode *inode;
		/* Network endpoint data, filled by ipv{4,6}_skb_to_auditdata(). */
		struct {
			int netif;
			struct sock *sk;
			/* presumably selects fam.v4 vs fam.v6 below — confirm in consumer */
			u16 family;
			/* ports and addresses are kept in network byte order (__be types) */
			__be16 dport;
			__be16 sport;
			union {
				struct {
					__be32 daddr;
					__be32 saddr;
				} v4;
				struct {
					struct in6_addr daddr;
					struct in6_addr saddr;
				} v6;
			} fam;	/* also reachable as v4info / v6info, see below */
		} net;
		int cap;
		int ipc_id;
		struct task_struct *tsk;
#ifdef CONFIG_KEYS
		struct {
			key_serial_t key;
			/* borrowed string; its lifetime is not defined here */
			char *key_desc;
		} key_struct;
#endif
		/* borrowed string; its lifetime is not defined here */
		char *kmod_name;
	} u;
	/*
	 * This union contains LSM specific data.  Only the member belonging to
	 * the LSM that built the record is meaningful; nothing in this struct
	 * records which one that is, so the callbacks below are expected to
	 * know.
	 */
	union {
#ifdef CONFIG_SECURITY_SMACK
		/* SMACK data */
		struct smack_audit_data {
			const char *function;
			/* borrowed label strings; lifetime is not defined here */
			char *subject;
			char *object;
			char *request;
			int result;
		} smack_audit_data;
#endif
#ifdef CONFIG_SECURITY_SELINUX
		/* SELinux data */
		struct {
			u32 ssid;
			u32 tsid;
			u16 tclass;
			u32 requested;
			u32 audited;
			u32 denied;
			/*
			 * auditdeny is a bit tricky and unintuitive. See the
			 * comments in avc.c for its meaning and usage.
			 */
			u32 auditdeny;
			struct av_decision *avd;
			int result;
		} selinux_audit_data;
#endif
#ifdef CONFIG_SECURITY_APPARMOR
		/* AppArmor data */
		struct {
			int error;
			int op;
			/* NOTE(review): unrelated to common_audit_data.type above */
			int type;
			/* untyped on purpose here; the real type lives in AppArmor */
			void *profile;
			const char *name;
			const char *info;
			/*
			 * Anonymous union (GCC extension before C11): its members are
			 * addressed directly as apparmor_audit_data.target / .iface /
			 * .rlim / .fs.  Which one is valid is presumably decided by
			 * @op and/or @type — confirm in the AppArmor audit code.
			 */
			union {
				void *target;
				struct {
					long pos;
					void *target;
				} iface;
				struct {
					int rlim;
					unsigned long max;
				} rlim;
				struct {
					const char *target;
					u32 request;
					u32 denied;
					uid_t ouid;
				} fs;
			};
		} apparmor_audit_data;
#endif
	};
	/*
	 * These callbacks will be implemented by a specific LSM.  The second
	 * argument is an untyped pointer; presumably the common_audit_data
	 * itself is passed back — verify against common_lsm_audit().
	 */
	void (*lsm_pre_audit)(struct audit_buffer *, void *);
	void (*lsm_post_audit)(struct audit_buffer *, void *);
};
135 | ||
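/*
 * Shorthands for the address union inside u.net.  They are plain token
 * aliases, so any identifier spelled v4info/v6info in a file that includes
 * this header is rewritten too; kept as-is because existing callers use
 * ad.u.net.v4info / ad.u.net.v6info.
 */
#define v4info fam.v4
#define v6info fam.v6

/*
 * Fill the u.net part of @ad from an IPv4 (resp. IPv6) @skb and report the
 * transport protocol through @proto.  The return value convention is not
 * visible in this header — check the definition before relying on it.
 */
int ipv4_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

int ipv6_skb_to_auditdata(struct sk_buff *skb,
		struct common_audit_data *ad, u8 *proto);

/*
 * Initialize an LSM audit data structure.
 *
 * Zeroes *(_d) — so every pointer and union member starts out NULL/0 —
 * and sets its type to LSM_AUDIT_DATA_##_t, e.g.
 * COMMON_AUDIT_DATA_INIT(&ad, NET).  The caller must then fill in the @u
 * member that matches _t.  Wrapped in do { } while (0) so the macro is a
 * single statement: the earlier bare-brace form expanded to `{ ... };`,
 * which breaks `if (c) COMMON_AUDIT_DATA_INIT(...); else ...`.
 */
#define COMMON_AUDIT_DATA_INIT(_d, _t) \
	do { \
		memset((_d), 0, sizeof(*(_d))); \
		(_d)->type = LSM_AUDIT_DATA_##_t; \
	} while (0)

/* Emit the audit record described by @a, invoking its LSM callbacks. */
void common_lsm_audit(struct common_audit_data *a);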
151 | ||
152 | #endif |